Roaming for mobile e-commerce

ABSTRACT

A method is disclosed by which a user of a roaming mobile station can procure services and goods from a content provider at a visiting site. The content provider establishes contact with a mobile e-commerce server, the visited MeC server. The visited MeC server directs the request to the users home MeC server. The home MeC server performs the authentication of the user. In this way security relevant information is not revealed to the visited MeC server.

TECHNICAL FIELD

[0001] This invention is applicable for Mobile e-Commerce.

TECHNICAL BACKGROUND

[0002] Mobile e-Commerce

[0003] Mobile e-Commerce is commerce made available to the mobile user through mobile devices such as mobile phones, PDA, etc. The mobile user has the possibility to make a bet, play a game, pay bills, perform a transaction, buy stocks, buy and pay securely using their mobile device.

[0004] Due to the physical limitations of the mobile devices such as processing power, memory size, battery lifetime, etc. it is common to have a Mobile e-Commerce (MeC) server to assist in the security and payment processes. FIG. 1 shows an example of a Mobile e-Commerce system, which consists of:

[0005] Mobile devices

[0006] A Mobile e-Commerce Server

[0007] Financial Institutions

[0008] Merchant or Content Provider

[0009] In general a user browses to a merchant or content provider site using their mobile device. They are presented with options and select goods or services to be purchased. At some stage they will wish to “check out” and pay for these selected items. The content provider diverts the request to the MeC Server. The MeC server maintains relevant user information in order to authenticate, and get payment approval. It then contacts the Financial Institution (e.g. Credit Card Company, bank, etc.) to get payment clearance.

[0010] On a positive answer from the Financial Institution, the MeC server will inform the content provider to proceed. Depending on the nature of the merchandise, it could be delivered directly to the user, be picked up by the user or be shipped by post later. The general flow is shown in FIG. 2.

[0011] It is important to note that in this scenario, both the user and the content provider are registered in the Mobile e-Commerce server. Obviously the Financial Institution has agreements with the Mobile e-Commerce service provider and the content provider for payment clearance. This environment can be regarded as the Home Service Area. How the user access this service area, is outside the scope of this document.

[0012] The Problem Area

[0013] The substance of Mobile e-Commerce lies on the mobility of the user. It should be possible for a mobile user to access Mobile e-Commerce services whenever and wherever he/she is, both nationally and internationally.

[0014] Currently, when roaming, the mobile user can communicate with their Home Mobile e-Commerce Service Area. They can still make a bet, pay a bill or perform a transaction. However, when it comes to purchasing it is likely that he/she wants to buy things that are local at the visiting site. For example internationally, then it is quite obvious that they will want to purchase movie tickets at a visited cinema, and not their home theatre. It is likely that this cinema or visited ticket provider will not have an established agreement with the Home Mobile e-Commerce Service Provider.

[0015] On the other hand, the visited ticket provider probably has the necessary agreements with the Visiting Mobile e-Commerce Service Provider but cannot offer services to the roaming mobile user since the service provider does not have necessary subscription details such as:

[0016] For security purposes: Cryptographic Keys, Digital Certificates etc. These can be used for identifying the subscriber, generating and/or verifying Digital Signatures

[0017] For payment purposes: Credit Card details, Bank Account numbers etc. These can be used for completing payment transactions,

[0018] The situation is depicted in FIG. 3. The current solution does not allow a mobile user away from home to access both the Home Mobile e-Commerce service and Visiting Mobile e-Commerce services. This is a major limitation of present systems.

[0019] Related Prior Art

[0020] International patent application WO9944165 discloses a system for e-Commerce on the Internet, enabling customers to pay for services and goods from prepaid accounts. The system is based on the use of modular transaction servers (TxS). The TxS includes among other an input device for receiving requests for a service from end-users, a service device rendering the requested service and an account device for keeping track of the users balances.

[0021] In a roaming situation, two TxS devices are involved. The first device, identified as a foreign TxS, is the place where the end-user initiates the transaction. The second device, identified as the home TxS, holds the business information for the pre-paid account. The home TxS is requested by the foreign TxS to retrieve the PIN information and update the account.

[0022] WO9944165 relates to e-Commerce on the Internet and never discusses the mobile domain or the implications of roaming within this domain. The solution is restricted to prepaid transactions.

[0023] A major weakness with this system is the low security level offered, due to the exchange of PIN data. This assumes a trust level between the home TxS and the foreign TxS. It is assumed that a user will automatically trust the foreign TxS, and provide secret information, such as a PIN, to this foreign server. In the mobile world it is very likely that the home operator and the foreign operator have no trust relationship. This makes this solution less feasible in a mobile communication network.

[0024] Further, WO9944165 mentions nothing on how to identify the home server, it is assumed that the foreign server knows this server.

The Invention BRIEF DESCRIPTION

[0025] The present invention is aiming at removing the limitations mentioned above by introducing roaming capability in the Mobile e-Commerce systems.

[0026] According to the invention, if an MeC server is approached by an unknown user, it will find the users home MeC server and redirect him to that server. The home MeC server will then take care of the security verification and payment processes. Afterwards, the user is redirected to the visited MeC server to complete the transaction. By this arrangement, sensitive information is communicated directly between the user and his home MeC server, and not revealed to foreign parties. The invention comprises:

[0027] A roaming capability module for Mobile e-Commerce Servers. The roaming module can be implemented as a plug-in to existing e-Commerce servers, and is thereby independent of the e-Commerce server.

[0028] A method for home server location i.e. to find the Home Mobile e-Commerce server of a user.

[0029] An interconnection protocol to complete payment and security transactions.

[0030] The scope of the present invention is as defined in the appended patent claims.

[0031] An embodiment of the present invention will now be described in reference to the appended drawings, in which:

[0032]FIG. 1 shows a simplified overview of a mobile e-Commerce system (prior art),

[0033]FIG. 2 shows the general payment flow in the mobile e-Commerce system depicted in FIG. 1.

[0034]FIG. 3 shows how roaming is blocked in a system according to FIG. 1.

[0035]FIG. 4 is a general flow diagram of a procedure for home server location in a system according to the present invention.

[0036]FIG. 5 relates to the interconnection protocol used for security and payment requests between the foreign and home server in a system according to the present invention, and shows the general flow diagram for such a request.

[0037]FIG. 6 is a flow diagram showing the payment flow in a roaming situation.

DETAILED DESCRIPTION OF THE INDIVIDUAL COMPONENTS IN A SYSTEM according to the invention

[0038] Roaming Capability Module

[0039] The roaming capability module is a module on the Mobile e-Commerce server that maintains details for other Mobile e-Commerce servers. This can be partner servers, i.e. servers of which the operators have established a mutual agreement. However, such a partnership is not mandatory, but will be assumed in the following discussion. In the module, the following details are stored:

[0040] Name: An identifier for the partner service provider.

[0041] Access Address: This is a server address that can be addressed from another server. This may be an IP address, hostname and/or a URL.

[0042] Country: This identifies in which country the remote Mobile e-Commerce server is located.

[0043] Country Code: This is the international country code prefix of the remote server subscribers, e.g. the international prefix for Norway is 47.

[0044] Local Prefix: This is a list of prefixes that the remote server accepts request for. The local prefix helps in reducing the search if many MeC servers exist within a single country.

[0045] The roaming capability module is connected to an international network, such as the Internet (or for large corporations, an Intranet). In this way it can make requests to remote Mobile e-Commerce servers.

[0046] Home Server Location

[0047] When an e-Commerce server is requested to fulfil a transaction for an unknown subscriber, it can try to identify the Home MeC server of that subscriber. The Roaming Capability Module can make a roamUserRequest to each of the partner Mobile e-Commerce servers. Using an intelligent search to reduce the partner list may reduce the number of roamUserRequest messages sent. Various methods can be used to reduce the search area, for example the subscribers phone number may identify a geographical area that should be requested first, this can be further reduced using the local prefix.

[0048] roamUserRequest

[0049] The roamUserRequest requests the remote Mobile e-Commerce server to respond indicating if they will accept requests of a specific type for the subscriber. The roamUserRequest contains at least:

[0050] A subscribers identity such as their phone number, and

[0051] The request type, such as payment, digital signature etc.

[0052] The request type relates to the purpose of the transaction, i.e. to pay for a service or goods, gain access to sensitive information (in which case it may be necessary to verify the identity of the user or establish a secure communication channel), sign an agreement (a digital certificate is needed), or start a new service.

[0053] On receipt of a roamUserRequest the remote Mobile e-Commerce server responds with a roamUserResponse. The roamUserResponse contains:

[0054] The subscriber identity

[0055] The request type

[0056] Accept or Reject

[0057] A list of additional information available to for the subscriber e.g. Payment methods available.

[0058]FIG. 4 shows the general flow for Home Server Location.

[0059] In order to increase security the roamUserRequest and roamUserResponse may be digitally signed by the MeC server. In this way the receiving server can be more certain that the originating request is from a valid MeC server.

[0060] Once the Roaming Capability Module identifies the Home Mobile e-Commerce server then both servers can authenticate to avoid rogue systems and establish a secure communication channel. This authentication and secure communication is outside the scope of this description, but may use existing solutions such as SSL or TLS.

[0061] Interconnection Protocol

[0062] The Interconnection Protocol provides for Security and Payment Requests.

[0063] Security

[0064] One of the primary concerns with security is revealing secret information to a third party that may not be trusted. As a result it is important that all security requests are handled through the Home Mobile e-Commerce Server. To achieve this the user must be directed to their Home Mobile e-Commerce Server, and the result must be made available to the Visited Mobile e-Commerce Server.

[0065] This procedure varies somewhat in dependence of the request type, i.e. if the desired action is a payment or some other service. This service maybe requesting a digital signature to access sensitive information, such as a bank account balance, or subscribing to a new service, which requires signing of a service agreement. We will first describe the procedure followed when the request type is of some other type than payment.

[0066]FIG. 5 shows the general flow for such a request.

[0067] Following the diagram:

[0068] Steps 1-5 identify the Home Server, as described in the preceding chapter.

[0069] Steps 6-7 get a contract that will be used for Authentication or Digital Signing from the content provider

[0070] Step 8 delivers the contract to the Home Mobile e-Commerce Server. This communication uses the secure link established in Steps 1-5

[0071] Step 9 is a message to direct the user to their Home Mobile e-Commerce Server

[0072] Step 10. The user makes the security request directly to their Home MeC Server. Client-Server authentication maybe used here to provide a guarantee to the end-user that they are communicating with the correct MeC Server. How this is achieved is outside the scope of this description.

[0073] Step 11. The Home MeC Server responds with the contract

[0074] Step 12. The user enters their PIN

[0075] Step 13. The security result (securityResult) is returned to the Home MeC Server

[0076] Step 14. The home MeC server verifies the security result

[0077] Step 15. The Visited MeC server is notified of the result

[0078] Step 16. The Content Provider is notified of the result

[0079] Step 17. The end user is provided with a transaction receipt, and an URL to continue browsing (18).

[0080] It is important to note that the securityResult may vary depending on the request type and the Mobile Device capabilities:

[0081] Authentication

[0082] If the requestType is authentication, then the roamSecurityResult will indicate whether or not the request was successful.

[0083] Delegated Digital Signing

[0084] If the requestType is Digital Signature, then the Home MeC is Server, may authenticate the user, and then using stored information generate the digital signature on the server.

[0085] End to End Digital Signing dIf the requestType is Digital Signature, or End-to-End Digital Signature and the Mobile Device supports digital signature generation, then the securityResult will be the Digital Signature generated from the Mobile Device. The roamSecurityResult may be the same signature or contain additional information. E.g. converted from PKCS#1 to PKCS#7 using locally stored information.

[0086] Payment

[0087] The following example shows the individual steps involved when the request type is payment.

[0088]FIG. 6 shows the Payment Flow when roaming. Again following the diagram:

[0089] Steps 1-5 identify the Home Server, as described in the preceding chapter.

[0090] Steps 6-7 get details of the payment from the content provider, e.g. total value of the goods/service to be purchased.

[0091] Steps 8-9. The roamUserResponse contains the payment types available for the end-user. Using this information, and local information on the Content Provider, it is possible for the Visited MeC Server, to identify a subset of available payment types, and present these to the end-user for selection.

[0092] Step 10. The Visited MeC Server generates a contract for payment and delivers it to the Home MeC Server. This communication uses the secure link established in Steps 1-5.

[0093] Step 11. A message to direct the user to their Home MeC Server.

[0094] Step 12. The user makes a pay request directly to their Home MeC Server. Client-Server authentication maybe used here to provide a guarantee to the end-user that they are communicating with the correct MeC Server. How this is achieved is outside the scope of this description.

[0095] Step 13. The Home MeC Server responds with the contract

[0096] Step 14. The user enters their PIN

[0097] Step 15. The security result is returned to the Home MeC Server

[0098] Step 16. The home MeC server verifies the security result

[0099] Step 17. The Home MeC Server delivers the result to the Visited MeC Server. This result indicates if payment can continue. It also contains relevant information to complete the payment, e.g. the end-user credit card details.

[0100] Steps 18-19. A message is delivered to verify the payment will be completed, and direct the end-user to the Visited MeC Server.

[0101] Steps 20A and 20B. The Payment is performed. This requires communication with both the Content Provider and the Financial Institution. This is outside the scope of this description as there are many well know payment solutions and flows.

[0102] Step 21. The Home MeC Server is notified of the payment result.

[0103] Step 22. The end user is provided with a transaction receipt and an URL to continue browsing (18).

[0104] Advantages

[0105] The advantages to this solution include:

[0106] 1. Security relevant information such as PIN numbers or private keys is never revealed.

[0107] 2. Once a content provider has established connection to a Mobile e-Commerce Server, there is no additional work for the content provider to receive payments from roaming subscribers.

[0108] 3. There is no additional complexity for the end user. For example in the payment flow, Steps 12, 19 are slightly different. However, using for example the WAP, WML element ‘onenterforward’, the end-user may not notice the difference.

[0109] Broadening

[0110] It is possible that this could be broadened for a Server based Mobile Wallet. In this case the Home MeC server may contain the mobile wallet. Then in Steps 20A and 20B the payment flow would resolve the transfer of funds from the Mobile Wallet to the Content Provider account. 

1. Method for performing e-Commerce via a mobile telephone network, enabling the user of a Mobile Station (MS) to procure services or goods from a local Content Provider (CP) at a visiting site, characterized in that a request from the MS to procure a service or goods is routed from the CP to a first Mobile e-Commerce (MeC) server, called the visited MeC server, handling the security and payment processes, the visited MeC server identifies the home MeC server of the MS, the visited MeC server directs the MS to its home MeC server, the home MeC server security verifies the MS, the result of the security verification and payment details are passed to the visited MeC server indicating if the transaction can continue, the visited MeC server contacts a Financial Institution to get payment clearance, if the result is positive the CP delivers the services/goods, and the FI charges the user.
 2. A method for performing e-Commerce via a mobile telephone network, enabling the user of a Mobile Station to obtain services from a local Content Provider at a visiting site, characterized in that a request from the MS to obtain a service is routed from the CP to a first Mobile e-Commerce (MeC) server, called the visited MeC server, handling the security process, the visited MeC server identifies the home MeC server of the MS, the visited MeC server directs the MS to its home MeC server, the home MeC server security verifies the MS, and returns a security related product to the visited MeC server, the home MeC server redirects the MS to the visited MeC to complete the transaction.
 3. A method as claimed in claim 2, characterized in that the security related product is an authentication result, a digital signature or a digital certificate.
 4. A method as claimed in claim 1 or 2, characterized in that the security verification step includes: to get a contract from the CP and deliver it to the home MeC server, when the MS is directed to its home MeC server, said server responds with the contract, the MS accepts the contract by returning the user's PIN, the home MeC server verifies the PIN and transmits the result of the verification to the visited MeC server.
 5. A method as claimed in claim 2, characterized in that the security verification step includes: to get a contract from the CP and deliver it to the home MeC server, when the MS is directed to its home MeC server, said server responds with the contract, the MS accepts the contract by returning a first digital signature generated in the MS, the home MeC server verifies the first digital signature, packages said first digital signature into a second standard digital signature, and transmits the second digital signature to the visited MeC server.
 6. A method as claimed in claim 1 or 2, characterized in that the step of identifying the home MeC server includes that the visited MeC server consults a table of available MeC servers and subsequently issue a request (roamUserRequest) to each MeC server, which request includes the following fields: subscriber identity request type, such as payment or other service whereupon each requested MeC server responds with a message (roamUserResponse) including the following fields: subscriber identity request type accept or reject additional information available for the subscriber and this procedure continues until one of the contacted MeC servers issue a positive response, or the list of available servers is exhausted.
 7. A method as claimed in claim 6, characterized in that the table of available MeC servers includes the fields: name access address country, in which the server is located country code local prefix and the visited MeC server performs a logical search in the table in order to narrow down the number of possible MeC servers.
 8. A method as claimed in claim 6, characterized in that the table of available MeC servers only comprises servers that have established a partnership with the visited MeC server.
 9. A method as claimed in claim 6, characterized in that said requests and responses are digitally signed by the MeC servers.
 10. A method as claimed in claim 6, characterized in that when the home MeC is identified, both servers authenticate.
 11. Method as claimed in any of the preceding claims, characterized in that client-server authentication is used in the communication between MS and home MeC server.
 12. Roaming Capability Module for a Mobile e-Commerce Server, characterized in that the module is connected to a communication network on which it can contact remote MeC servers, the module includes a table storing the identity and address of other MeC servers, the module is adapted to, upon its parent MeC server being approached by an unknown customer, to consult the table and find the home MeC server of said customer, establish contact between the customer and his home MeC server.
 13. A module as claimed in claim 12, characterized in that the module is implemented as a plug-in to its MeC server. 